/*
* We assume that two principals are able to securely lookup their shared
* longterm keys. We formally express this by assuming the existence
* of a secure lookup function of the following dependent function type:
*/

fun lkupKey(p:Any,q:Any) : SharedKey(p,q);

/*
* The initiator.
*/

client Initiator
(a:Host, b:Host, s:Server, kas:SharedKey(a,s))
at a is
{
establish Responder at b is (socket:Socket);
new (nonceA:Challenge);
output socket is (a,b,nonceA);
input socket is { msg4(kab:SharedKey(a,b),nonceA,a,b) }kas
[ begun(s providing kab to a for b) ];
end(s providing kab to a for b);
}